Browse: Home / 2010 / July / 29 / Android app steals data

Android app steals data

By Dave M. on July 29, 2010

VentureBeat.com has an interesting article about an Android app that was downloaded several million times that collected browsing history, text messages, the phone’s SIM card number, subscriber identification, and even voicemail passwords.

Normally I wouldn’t even bother bringing up such an article. However, this pretty much highlights the need for some sort of vetting in the mobile app market place. Apple tries to do this with a fair amount of success. There are exceptions like the flashlight app that allows tethering, and the e-book apps that were sniffing users iTunes passwords. Even though those apps got through, they were later caught and dealt with.

There are a lot of folks claiming that the Android platform is much better since the apps are “open” for developers to do what they want. To some degree this is true. However, it also means that there is a potential for very dangerous apps to be downloaded by Android users without them even knowing it. Android enthusiasts say: “You should be careful what you install on your mobile device.” That’s great, how do you do this? It’s not like you can see if the application is safe to download before you download it. Afterwords it could be too late.

There is a post on an Android forum: How to be safe, find trusted apps, & avoid viruses – A guide for those new to Android that describes types of dangerous apps and permission settings for them. Now, I can see computer savvy people digging this level of control and knowledge for their phones. However, there are many many more people out there that wouldn’t have the first inkling of what that article said and don’t care. They just want to make calls and maybe deal with emails and surf the web.

Not to mention, businesses are going to be a little concerned about a phone that could potentially be insecure when it comes to emails and other data that could be on their employee’s phones.

This isn’t to say that iPhones are completely secure. Those e-book apps and the flashlight app prove that iPhones are not completely secure. However, when compared to Android OS phones…

Posted in | Tagged , , | 2 Responses

  • spiritofnine

    Apple has a broken, infuriating, and embarrassing approval process that still allows data-stealing apps to get through, even though those apps are eventually identified and dealt with accordingly.

    Android has an open system that allows data-stealing apps to get through, even though those apps are eventually identified and dealt with accordingly.

  • Dave_Metzener

    Yep, that was pretty much the point of the article. The concern I have is that the “dealt with” part for Android is posts in forums.

    The applications can still be installed, they may not be highlighted in Google's App Marketplace, but (I may be totally mistaken here) they can be downloaded and installed from other sites that highlight Android apps.

    There needs to be a centralized website that lets Android users know if an app is safe to install. There may actually be one, or at least an app that you can install that lists applications and helps you keep installed apps up-to-date.

    I have heard Leo Laporte talking about such things, but I can't find any websites myself. He highlighted an app on his Droid X, but I can't say for sure if it vets apps to be sure they are safe before listing them in that app.